Silent Circle shutters email service

Silent Circle, the company founded by former PGP wonks and Navy Seals and which offers very, very, secure communications, has decided to shutter its Silent Mail email service. The decision, announced in a blog post, comes on the same day that Lavabit, another secure email service, decided to close because it cannot guarantee …

COMMENTS

This topic is closed for new posts.

Bronze badge
Boffin

Re: PGP-encrypted usenet posts (or similar)

"a unique key for each and every person you want to send important stuff to"

"Unless I'm missing something?"

You are indeed missing something.

PGP-like crypto will do what you want, but you distribute ONE key, your public key, to everyone, and they give you copies of their public keys. You use PGP to encrypt your message with the intended recipient's (or recipients') public key(s), and only that recipient / those recipients can decrypt it. You can also sign the message with your private key, and they can use their copies of your public key to know it's from you.

You then post the message on a suitable newsgroup (alt.anonymous.messages is a traditional candidate, assuming it still exists), preferably with a tag that will enable others to find it. To disconnect it from you a bit, post it via a chain of anonymous remailers.

All you need then is a way to hoover up the contents of alt.anonymous.messages (or similar) and find your messages. For traffic analysis purposes, of course, you hoover up everything so that nobody can tell which are your messages by looking at which messages you pick out.

Summary: none of this stuff is new. I last used this type of stuff around 12 years ago.

2
0
Silver badge

Re: PGP-encrypted usenet posts (or similar)

Well, I was under the impression that using a different PGP "ID" (different key pairs) for different recipients would make it harder to crack for someone with a lot of resources (someone who could, say, compromise some or all of the recipient's systems and has a lot of computing power to spare) but I am not an expert in this so it could be that I'm wrong and using only one pair of keys is hard enough.

0
0
Anonymous Coward

Re: PGP-encrypted usenet posts (or similar)

(one of) the big problem with email is that it is necessarily from an identifiable account to another, so there must be someone somewhere who knows who is who. If you adopt the opposite strategy, which is to make the message available to world+dog, but select who will be able to decrypt it, then you're good. As good as your encryption cypher is, at least.

You have touched upon the one massive problem with secure email (PGP et al): it is only SECURE, it is not private. If you recall what the NSA hubbub was about, it wasn't about the calls themselves but about the meta data: who called who. If you're a journalist who sees a celeb emailing an STD clinic you can encrypt that as much as you like - the link is made.

If Alice sends Bob a PGP encrypted email it is still visible that Alice and Bob communicate.

There is a secondary issue I see show up in these postings: the black-and-white view. Protecting email is risk management. The statement "secure" is meaningless if not followed by what it must be secured from. The wife reading it? Competition intercepting it? Law enforcement? The latter is ill advised - you cannot stop law enforcement if duly authorised. The trick here is to move to a jurisdiction where law enforcement still has to follow some basic rules. Sometimes, all it takes to close the backdoor is to move your email service to a different country.

Guard for techno-overkill, because it will eat your budget for no sensible return on investment.

2
0
Bronze badge
Big Brother

Re: PGP-encrypted usenet posts (or similar)

"would make it harder to crack for someone with a lot of resources ..."

Well, it would, but the best resource for getting through the protections around private keys is a couple of feet of rubber hose. Or see http://xkcd.com/538/ for an alternative implement.

So yes, you need to protect your private keys in order to protect the people who send you messages, but that was obvious and doesn't need multiple keys. (Arguably it makes accessing *some* of your content easier, as they have more keys available to attack.)

The time needed to brute force PGP keys is prohibitive. They are based on computationally expensive operations involving very large prime numbers, and the normal estimates are multi-digit numbers multiplied by the age of the universe. The more interesting part is that **ALL** the information needed to reverse-engineer the private key is in the public key, but that information is of almost no value whatsoever, except insofar as having the public key allows an alphabet-soup agency to easily identify the guest of honour at the rubber hose party.

A more feasible target for attacks is the password / passphrase that protects the private key. The most effective computational(*) attack on this is the normal rainbow table attack.

(*) The rubber hose or $5 wrench are not computational attacks, but are probably more effective than any computational attack, except if you need to keep the owner of the key unaware of the attack.

0
0
Silver badge

Re: rubber hose

I guess in that case the whole point of private communications is to _prevent_ the rubber hose / waterboarding cryptographic attack...

Other than that I guess you're right, a single key pair is probably enough, unless you want to go for the "plausible deniability". Which won't help once in Gitmo. Which is one of the places that Snowden will never be sent to, honest, after all he's but a lowly, unimportant 29 yo hacker with no important information at all, no siree. Honest. Unless you want to voluntarily hand him to us. Lovely country you have here, would be a shame if something happened to it, wouldn't it? But hey, no pressure, it's up to you really.

2
0
Silver badge

Re: PGP-encrypted usenet posts (or similar)

"The time needed to brute force PGP keys is prohibitive"

Using a normal computer, yes, but a quantum computer can factor in reasonable time with Shor's algorithm. And since a powerful quantum computer would be a game breaker, the government could already have a sufficiently powerful machine available under a black (as in existence denied) project.

Elliptical encryption can be converted to a factoring problem, meaning it's subject to Shor's algorithm, too. The trend these days is lattice encryption; it's one form of math that can't be converted to a form Shor's algorithm can handle.

0
0

geeez

That's why people create these kinds of projects: http://www.kickstarter.com/projects/331579200/heerme

They'll probably shut them down before they even start..

2
0

I am of the belief that, as mentioned in a previous post, it's better to let a message be available to world+dog and encrypt it, than try to hide the whole line of communication.

My rule is: always encrypt at the client using a public key published by and for your recipient, then send to recipient.

All that's needed to enable this to work more transparently on the existing email system is for there to be a replicated worldwide set of servers that hold public keys for given email addresses, and an email client 'add-on' that can look up the key and encrypt an email using it before sending the email.

The user of any given public key can update to the public key servers for the email-key pair as and when they need to.

Please somebody tell me this somewhat simple system already exists?

1
0

Silver badge

Re: try to hide the whole line of communication

> I am of the belief that, as mentioned in a previous post, it's better to let a message be available to world+dog and encrypt it, than try to hide the whole line of communication.

I do too as you noticed.

However your solution (which does exist, Claws Mail with the GPG add-on does exactly that) still entails an identifiable sender and an identifiable recipient, as well as a timestamp; which is a LOT of information, when recouped on a large scale. "aimless" posts in a public place (possibly through a proxy chain) is probably safer in the case of really important stuff.

0
0

OpenPGP / GnuPG integration

Some Open Source mail clients already include OpenPGP integration. And all major Linux distributions already have their own keyservers for the package maintainers' keys.

How feasible would it be for some distro to set up a keyserver for public use; and have a tool which generates you a private / public key pair, saves the private key -- preferably to a device it thinks is removable, such as a USB stick, but in any case with 600 permissions -- publishes the public key to their own server, and inserts a link in your signature block to download your public key, so that recipients of encrypted e-mails at least get a clue what to do with them? (Of course, if they were using the same distro as you, their e-mail client would be patched to spot its own special signature blocks and would offer to fetch the necessary public key for you.)

In fact, it could even store a much cut-down distro with just the kernel, X, mail client and associated libraries on the USB stick with the private key. Boot this up on any PC with Internet access and send secure e-mails!

0
0
Silver badge

Re: OpenPGP / GnuPG integration

Claws Mail works reasonably well in that regard, and certainly easily enough for Joe Public, through integration with the GPA. The combination works on Windows, too...

1
0
Anonymous Coward

Public information request

What we could do with, before it becomes illegal to do so, is to have a crib sheet for dummies on how to secure their communications along the lines of what has been described above.

Given the info above, I could fairly easily work out how to do all that, get the pgp software, set up my keys and gain access to anon remailers etc. to alt.anon, but your average Jo won't.

Let's face it, when the revolution starts, I don't think it will be high tech, and the leaders of that revolution won't necessarily have the requisite knowledge. If we could provide them with an faq that they could use it may help.

From little seeds and all that.

I could (and may) write one myself, but it would be nice if there was already one out there that could be more widely publicised.

1
0
Anonymous Coward

Perhaps someone could work up a secure communication system that could work like some kind of Bitcoin-like system.

The idea is that all messages in the system are encrypted, and none of the messages have addressees. Perhaps some kind of separator signal, vague timestamp, or nondescript identifier at most: mostly for the sake of organization. If the message is intended for you, your key will decrypt a certain block of data. To handle multiple recipients, perhaps a pre-message can be encrypted for you giving you a group or one-time key for a future message.

The key is that the whole message chain is kept in one encrypted blob (that's why I thought Bitcoin: its block chain works similarly).

I just have a problem with the idea of having to download the whole thing at once to stay current. That's the main reason I swore off Bitcoin—block chain maintenance threatened my download cap. But perhaps a compromise: the ability to selectively download messages but only in very coarse ways, say a day at a time or something like that. Something too broad for snoops but still of manageable size for people with poor bandwidth or low download caps.

Now that I think about it, sounds like something you could pull off with something like a 4chan page, but with perhaps a *little* more organization, such as not allowing nonencrypted content. Of course, hosting will be an issue, not just for the space but also for the legal issues (I don't think "Everyone uses their own keys; I don't know them" will cut it in a "contributing to terrorism" case).

0
0
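
The scheme described in the alt.anonymous.messages post and in the last comment above (publish ciphertext with no addressee, download everything, and see which blocks your own key opens), as an added example that is not part of the thread. It is a constructed hashed-ElGamal toy over a demo-size group using only Python's standard library, not OpenPGP, and every function name in it is hypothetical.

```python
import hashlib, hmac, secrets

# Constructed demo group: 2**255 - 19 is prime, but a 255-bit finite field is far
# too small for real use. This is a toy stand-in for PGP, not OpenPGP itself.
P, G = 2**255 - 19, 2

def keygen():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def _kdf(shared, label, n):
    """Stretch the DH shared secret into n bytes of key material (SHA-256, counter mode)."""
    seed, out, ctr = shared.to_bytes(32, "big") + label, b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _xor(data, shared):
    return bytes(a ^ b for a, b in zip(data, _kdf(shared, b"enc", len(data))))

def _mac(body, shared):
    return hmac.new(_kdf(shared, b"mac", 32), body, hashlib.sha256).digest()

def seal(recipient_pub, plaintext):
    """Encrypt to a public key. The blob carries no key ID, name or address."""
    eph_priv, eph_pub = keygen()
    shared = pow(recipient_pub, eph_priv, P)
    body = _xor(plaintext, shared)
    return eph_pub.to_bytes(32, "big") + _mac(body, shared) + body

def try_open(priv, blob):
    """Return the plaintext if blob was sealed to our key, otherwise None."""
    eph_pub, tag, body = int.from_bytes(blob[:32], "big"), blob[32:64], blob[64:]
    shared = pow(eph_pub, priv, P)
    if not hmac.compare_digest(tag, _mac(body, shared)):
        return None  # not sealed to this key, or corrupted
    return _xor(body, shared)

def scan_pool(priv, pool):
    """Trial-decrypt every message: fetching all of them hides which ones are ours."""
    return [m for m in (try_open(priv, b) for b in pool) if m is not None]

if __name__ == "__main__":
    (a_priv, a_pub), (b_priv, b_pub) = keygen(), keygen()
    pool = [seal(b_pub, b"meet at noon"), seal(a_pub, b"hello alice"), b"junk"]  # constructed
    print(scan_pool(b_priv, pool))
```

The cost the last comment worries about is visible here: `scan_pool` does one modular exponentiation per message in the pool, whether or not the message is for you.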
